September 2024 Security Updates
This release consists of the following 79 Microsoft CVEs:
Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?
Windows TCP/IP CVE-2024-21416
SQL Server CVE-2024-26186
SQL Server CVE-2024-26191
Windows Security Zone Mapping CVE-2024-30073
SQL Server CVE-2024-37335
SQL Server CVE-2024-37337
SQL Server CVE-2024-37338
SQL Server CVE-2024-37339
SQL Server CVE-2024-37340
SQL Server CVE-2024-37341
SQL Server CVE-2024-37342
SQL Server CVE-2024-37965
SQL Server CVE-2024-37966
SQL Server CVE-2024-37980
Windows Installer CVE-2024-38014
Microsoft Office SharePoint CVE-2024-38018
Windows TCP/IP CVE-2024-38045
Windows PowerShell CVE-2024-38046
Windows Network Address Translation (NAT) CVE-2024-38119
Azure Network Watcher CVE-2024-38188
Azure Web Apps CVE-2024-38194
Azure Stack CVE-2024-38216
Windows Mark of the Web (MOTW) CVE-2024-38217
Azure Stack CVE-2024-38220
Dynamics Business Central CVE-2024-38225
Microsoft Office Publisher CVE-2024-38226
Microsoft Office SharePoint CVE-2024-38227
Microsoft Office SharePoint CVE-2024-38228
Windows Standards-Based Storage Management Service CVE-2024-38230
Windows Remote Desktop Licensing Service CVE-2024-38231
Windows Network Virtualization CVE-2024-38232
Windows Network Virtualization CVE-2024-38233
Windows Network Virtualization CVE-2024-38234
Role: Windows Hyper-V CVE-2024-38235
Windows DHCP Server CVE-2024-38236
Microsoft Streaming Service CVE-2024-38237
Microsoft Streaming Service CVE-2024-38238
Windows Kerberos CVE-2024-38239
Windows Remote Access Connection Manager CVE-2024-38240
Microsoft Streaming Service CVE-2024-38241
Microsoft Streaming Service CVE-2024-38242
Microsoft Streaming Service CVE-2024-38243
Microsoft Streaming Service CVE-2024-38244
Microsoft Streaming Service CVE-2024-38245
Windows Win32K - GRFX CVE-2024-38246
Microsoft Graphics Component CVE-2024-38247
Windows Storage CVE-2024-38248
Microsoft Graphics Component CVE-2024-38249
Microsoft Graphics Component CVE-2024-38250
Windows Win32K - ICOMP CVE-2024-38252
Windows Win32K - ICOMP CVE-2024-38253
Windows Authentication Methods CVE-2024-38254
Windows Kernel-Mode Drivers CVE-2024-38256
Windows AllJoyn API CVE-2024-38257
Windows Remote Desktop Licensing Service CVE-2024-38258
Microsoft Management Console CVE-2024-38259
Windows Remote Desktop Licensing Service CVE-2024-38260
Windows Remote Desktop Licensing Service CVE-2024-38263
Windows Remote Desktop Licensing Service CVE-2024-43454
Windows Remote Desktop Licensing Service CVE-2024-43455
Windows Setup and Deployment CVE-2024-43457
Windows Network Virtualization CVE-2024-43458
Windows MSHTML Platform CVE-2024-43461
Microsoft Office Visio CVE-2024-43463
Microsoft Office SharePoint CVE-2024-43464
Microsoft Office Excel CVE-2024-43465
Microsoft Office SharePoint CVE-2024-43466
Windows Remote Desktop Licensing Service CVE-2024-43467
Azure CycleCloud CVE-2024-43469
Azure Network Watcher CVE-2024-43470
SQL Server CVE-2024-43474
Windows Admin Center CVE-2024-43475
Microsoft Dynamics 365 (on-premises) CVE-2024-43476
Power Automate CVE-2024-43479
Microsoft Outlook for iOS CVE-2024-43482
Windows Mark of the Web (MOTW) CVE-2024-43487
Windows Update CVE-2024-43491
Microsoft AutoUpdate (MAU) CVE-2024-43492
Windows Libarchive CVE-2024-43495
Security Update Guide Blog Posts
Date Blog Post
June 27, 2024 Toward greater transparency: Unveiling Cloud Service CVEs
April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs
January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API
January 11, 2022 Coming Soon: New Security Update Guide Notification System
February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
December 8, 2020 Security Update Guide: Let’s keep the conversation going
November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
Relevant Resources
You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.
For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).
KB Article Applies To
5002624 SharePoint Enterprise Server 2016
5002639 SharePoint Server 2019
5002640 SharePoint Server Subscription Edition
5042881 Windows 11, version 21H2
5043051 Windows 10, version 1607, Windows Server 2016
5043064 Windows 11 version 24H2
5043067 Windows 11, version 21H2
5043076 Windows 11, version 22H2, Windows 11, version 23H2
5043080 Windows 11 version 24H2
5043083 Windows 10
5043087 Windows Server 2008 (Security-only update)
5043135 Windows Server 2008 (Monthly Rollup)
Released: Sep 10, 2024
September 2024 Security Updates - Release Notes - Security Update Guide - Microsoft
This release consists of the following 79 Microsoft CVEs:
Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?
Windows TCP/IP CVE-2024-21416
SQL Server CVE-2024-26186
SQL Server CVE-2024-26191
Windows Security Zone Mapping CVE-2024-30073
SQL Server CVE-2024-37335
SQL Server CVE-2024-37337
SQL Server CVE-2024-37338
SQL Server CVE-2024-37339
SQL Server CVE-2024-37340
SQL Server CVE-2024-37341
SQL Server CVE-2024-37342
SQL Server CVE-2024-37965
SQL Server CVE-2024-37966
SQL Server CVE-2024-37980
Windows Installer CVE-2024-38014
Microsoft Office SharePoint CVE-2024-38018
Windows TCP/IP CVE-2024-38045
Windows PowerShell CVE-2024-38046
Windows Network Address Translation (NAT) CVE-2024-38119
Azure Network Watcher CVE-2024-38188
Azure Web Apps CVE-2024-38194
Azure Stack CVE-2024-38216
Windows Mark of the Web (MOTW) CVE-2024-38217
Azure Stack CVE-2024-38220
Dynamics Business Central CVE-2024-38225
Microsoft Office Publisher CVE-2024-38226
Microsoft Office SharePoint CVE-2024-38227
Microsoft Office SharePoint CVE-2024-38228
Windows Standards-Based Storage Management Service CVE-2024-38230
Windows Remote Desktop Licensing Service CVE-2024-38231
Windows Network Virtualization CVE-2024-38232
Windows Network Virtualization CVE-2024-38233
Windows Network Virtualization CVE-2024-38234
Role: Windows Hyper-V CVE-2024-38235
Windows DHCP Server CVE-2024-38236
Microsoft Streaming Service CVE-2024-38237
Microsoft Streaming Service CVE-2024-38238
Windows Kerberos CVE-2024-38239
Windows Remote Access Connection Manager CVE-2024-38240
Microsoft Streaming Service CVE-2024-38241
Microsoft Streaming Service CVE-2024-38242
Microsoft Streaming Service CVE-2024-38243
Microsoft Streaming Service CVE-2024-38244
Microsoft Streaming Service CVE-2024-38245
Windows Win32K - GRFX CVE-2024-38246
Microsoft Graphics Component CVE-2024-38247
Windows Storage CVE-2024-38248
Microsoft Graphics Component CVE-2024-38249
Microsoft Graphics Component CVE-2024-38250
Windows Win32K - ICOMP CVE-2024-38252
Windows Win32K - ICOMP CVE-2024-38253
Windows Authentication Methods CVE-2024-38254
Windows Kernel-Mode Drivers CVE-2024-38256
Windows AllJoyn API CVE-2024-38257
Windows Remote Desktop Licensing Service CVE-2024-38258
Microsoft Management Console CVE-2024-38259
Windows Remote Desktop Licensing Service CVE-2024-38260
Windows Remote Desktop Licensing Service CVE-2024-38263
Windows Remote Desktop Licensing Service CVE-2024-43454
Windows Remote Desktop Licensing Service CVE-2024-43455
Windows Setup and Deployment CVE-2024-43457
Windows Network Virtualization CVE-2024-43458
Windows MSHTML Platform CVE-2024-43461
Microsoft Office Visio CVE-2024-43463
Microsoft Office SharePoint CVE-2024-43464
Microsoft Office Excel CVE-2024-43465
Microsoft Office SharePoint CVE-2024-43466
Windows Remote Desktop Licensing Service CVE-2024-43467
Azure CycleCloud CVE-2024-43469
Azure Network Watcher CVE-2024-43470
SQL Server CVE-2024-43474
Windows Admin Center CVE-2024-43475
Microsoft Dynamics 365 (on-premises) CVE-2024-43476
Power Automate CVE-2024-43479
Microsoft Outlook for iOS CVE-2024-43482
Windows Mark of the Web (MOTW) CVE-2024-43487
Windows Update CVE-2024-43491
Microsoft AutoUpdate (MAU) CVE-2024-43492
Windows Libarchive CVE-2024-43495
Security Update Guide Blog Posts
Date Blog Post
June 27, 2024 Toward greater transparency: Unveiling Cloud Service CVEs
April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs
January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API
January 11, 2022 Coming Soon: New Security Update Guide Notification System
February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
December 8, 2020 Security Update Guide: Let’s keep the conversation going
November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
Relevant Resources
- The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
- Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see Windows Lifecycle Facts Sheet.
- Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
- A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
- In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
- Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.
For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).
KB Article Applies To
5002624 SharePoint Enterprise Server 2016
5002639 SharePoint Server 2019
5002640 SharePoint Server Subscription Edition
5042881 Windows 11, version 21H2
5043051 Windows 10, version 1607, Windows Server 2016
5043064 Windows 11 version 24H2
5043067 Windows 11, version 21H2
5043076 Windows 11, version 22H2, Windows 11, version 23H2
5043080 Windows 11 version 24H2
5043083 Windows 10
5043087 Windows Server 2008 (Security-only update)
5043135 Windows Server 2008 (Monthly Rollup)
Released: Sep 10, 2024
September 2024 Security Updates - Release Notes - Security Update Guide - Microsoft
My Computer
System One
-
- OS
- Windows 11
